{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-04-19T00:00:00", "descriptions": [{"lang": "en", "value": "VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-12T17:57:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "oval:org.mitre.oval:def:15615", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15615"}, {"name": "vlc-mp4-dos(75038)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75038"}, {"name": "18757", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/18757/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-2396", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oval:org.mitre.oval:def:15615", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15615"}, {"name": "vlc-mp4-dos(75038)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75038"}, {"name": "18757", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/18757/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:34:25.263Z"}, "title": "CVE Program Container", "references": [{"name": "oval:org.mitre.oval:def:15615", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15615"}, {"name": "vlc-mp4-dos(75038)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75038"}, {"name": "18757", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/18757/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-2396", "datePublished": "2012-04-19T21:00:00", "dateReserved": "2012-04-19T00:00:00", "dateUpdated": "2024-08-06T19:34:25.263Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:videolan:vlc_media_player:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3FD4FB1-A4E7-4712-B864-0F85D957E81D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file."}, {"lang": "es", "value": "VideoLAN VLC media player v2.0.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (error de divisi\u00f3n por cero y ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un archivo MP4 modificado."}], "evaluatorComment": "http://cwe.mitre.org/data/definitions/369.html 'CWE-369: Divide By Zero'", "id": "CVE-2012-2396", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-04-19T21:55:01.287", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/18757/"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75038"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15615"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/18757/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75038"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15615"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "taglib: Division by zero while parsing properties of certain MP4 audio files", "id": "818583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=818583"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "details": ["VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file."], "name": "CVE-2012-2396", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "taglib", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2012-04-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-2396\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-2396"], "statement": "This issue affects the version of the taglib package as shipped with Red Hat Enterprise Linux 6. The taglib library is used in client applications only though. Red Hat Security Response Team does not consider a user-assisted crash of a client application such as k3b or Totem to be a security issue."}